Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Forcepoint Dynamic Data Protection

610 views

Published on

Prezentace Forcepoint z konference Virtualization Forum 2018
Clarion Congress Hotel Prague, 25.10.2018

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Forcepoint Dynamic Data Protection

  1. 1. RETHINK CYBERSECURITY Vladimír Špička Miroslav Bajgar
  2. 2. DIGITAL ACTIVITY “BAD”“GOOD” THE TRADITIONAL APPROACH TO CYBERSECURITY ‣ Trusting static policies in a dynamic environment ‣ Decide what is good or bad at a single point in time ‣ Configure your defenses to stop the bad from entering and allow the good to pass through THREAT CENTRIC Necessary but insufficient A LACK OF CONTEXT EASY TO CLASSIFY EASY TO CLASSIFYHARD TO CLASSIFY
  3. 3. “BAD”“GOOD” A NEW PARADIGM: HUMAN-CENTRIC CYBERSECURITY BEHAVIOR CENTRIC DIGITAL ACTIVITY ‣ Detect individuals interacting with system that post the greatest potential user risk ‣ Rapidly and anonymously understand potential risky behavior and context around it ‣ Decide what is good or bad based on how users interact with your most valuable data ‣ Continuously revisit your decisions as you and our machines learn PROVIDE CONTEXT TO MAKE OPTIMAL SECURITY DECISIONS Risk-adaptive security
  4. 4. DATAPEOPLE FOCUS ON THE TRUE CONSTANTS PEOPLE DATA Understanding the intersection of people, critical data and IP over networks of different trust levels. THE HUMAN POINT
  5. 5. Forcepoint Web & Email Security Forcepoint Data Guard Forcepoint NGFW Forcepoint CASB Forcepoint Insider Threat Forcepoint DLP Gartner Magic Quadrant Leader in Enterprise DLP 9 consecutive times. Forcepoint UEBA The leader in actionable insights based on risk-adaptive scoring. FORCEPOINT COMMERCIAL PORTFOLIO
  6. 6. Copyright © 2018 Forcepoint. | 6 Protect the important data wherever it resides Overwhelming Administrators Frustrating Users Mistaking CURRENT MISSION FOR MODERN SECURITY ORGANIZATIONS without for
  7. 7. Copyright © 2018 Forcepoint. | 7 GRADUATED ENFORCEMENT BASED ON RISK For policies governing compliance use-cases or highly sensitive information, “Block All” can be the action plan for all risk levels. For policies where additional context can help inform decisions, additional granularity is now available.
  8. 8. Copyright © 2017 Forcepoint. | 8 DYNAMIC DATA PROTECTION PROVIDES AUTOMATED ENFORCEMENT DATA SOURCES ANALYTIC ENGINE AND INSIGHTS POLICY ENFORCEMENT⟩ ⟩ Forcepoint Endpoint OR Forcepoint DLP Any Data Source
  9. 9. Copyright © 2018 Forcepoint. | 9 STATIC VS DYNAMIC POLICIES IN ACTION STATIC POLICIES BASED ON PRE-DEFINED RULES Traditional DLP Policy Policy: block files from being copied to USB drives, alert gets sent to IT Kate is giving a presentation to senior leadership and tries to copy her slides to a USB stick The admin needs to track down the alert Thousands of alerts come in overwhelming the security admin team The security team turns off the DLP policy because there are too many false positives Kate is frustrated because simple tasks are blocked Kate will find another way to solve her problem The data protection system becomes ineffective ADMINISTRATOR IMPACTSUSER IMPACTS Kate, PhD Research Chemist
  10. 10. Copyright © 2018 Forcepoint. | 10 STATIC VS DYNAMIC POLICIES IN ACTION ACTIONS VARY BASED ON THE RISK LEVEL OF PEOPLE AND THE VALUE OF DATA Medium Risk Group Policy: Rather than just create an alert, take action and notify the administrator High Risk Group Policy: observe Kate’s every user & machine detail and block all data transfers or copies anywhere She gets a supplier’s query about an order she doesn’t remember placing and then logs into the supplier’s website to check on it Kate begins to bulk copy files to her local machine at off hours. Low Risk Group Policy: encrypt fingerprinted files to USB drives but allow others to be copied. Kate is giving a presentation to senior leadership and tries to copy her slides to a USB stick Kate begins accessing highly sensitive drug formula data and attempts to copy it off the corporate network Kate, PhD Research Chemist
  11. 11. Copyright © 2018 Forcepoint. | 11 INSIGHT INTO INTENT An employee tries to print customer’s credit card data and the DLP solution blocks it. Is this employee a risk?
  12. 12. Copyright © 2018 Forcepoint. | 12 INSIGHT INTO INTENT What if your employee…. tries to print customer’s credit card data and your DLP solution blocks it, but then… tries to upload it to Google Drive and your CASB solution blocks it, but then… tries to copy it to USB, and your DLP solution blocks it, but then… tries to send it to a personal email address, and your DLP solution blocks it, but then… tries to FTP it outside the organization, and your DLP solution blocks it… tries to send it to upload it to Dropbox, and your CASB solution blocks it, but then… Is this employee a risk? How would you know?
  13. 13. Copyright © 2018 Forcepoint. | 13 INSIGHT INTO INTENT Let’s try that again, but with Forcepoint’s Dynamic Data Protection…. Your employee tries to print customer’s credit card data and your DLP solution blocks it, but then… tries to upload it to Google Drive and your DLP solution blocks it, but then… tries to copy it to USB, and your DLP solution blocks it, but then… tries to send it to a personal email address, and your DLP solution blocks it, but then… tries to FTP it outside the organization, and your DLP solution blocks it… tries to send it to upload it to Dropbox, and your CASB solution blocks it, but then… Employee Risk
  14. 14. Copyright © 2018 Forcepoint. | 14 INSIGHT INTO INTENT Once High Risk is identified, Security Team has options 1) Initiate an investigation 2) Adjust policies and implement protective measures
  15. 15. Copyright © 2017 Forcepoint. | 16 BENEFITS OF DYNAMIC DATA PROTECTION Intelligent DLP Increased Productivity Detect and Respond to High-Impact Events in a Shorter Amount of Time. Provide greater flexibility in policies, and adapt enforcement based on calculated risk. Proactive Security Management Reduce the amount of DLP alerts that need to be triaged, transition DLP from broad to individual policies.
  16. 16. Copyright © 2017 Forcepoint. | 17 FORCEPOINT DYNAMIC DATA PROTECTION THANK YOU! LEARN MORE AT forcepoint.com/dataprotection

×